В Wed, 7 May 2014 17:15:27 +0400
Alexander Tsoy <alexander@xxxxxxx> пишет:
> В Wed, 07 May 2014 14:10:49 +0200
> Harald Hoyer <harald@xxxxxxxxxx> пишет:
>
> > On 07.05.2014 14:08, Harald Hoyer wrote:
> > > On 07.05.2014 13:47, Alexander Tsoy wrote:
> > >> Actually hostonly-cmdline is partially broken with systemd in
> > >> initramfs. For example systemd-cryptsetup-generator does not
> > >> read /etc/cmdline.d/*.conf files, so rd.luks* parameters must be
> > >> appended to kernel cmdline anyway.
> > >>
> > >
> > > True! Good point!
> > > Although /etc/crypttab is included with hostonly.
> > >
> >
> > Ah, oh.. I forgot, dracut *does* use rd.luks.uuid from the kernel command line
> > and creates /etc/crypttab lines from it in the initramfs.
> > So basically it *should* work with systemd.
>
> This doesn't work with full disk encryption. Unit file does not get
> generated and I see this message:
>
> [ 7.142993] testhost dracut-initqueue[202]: Failed to start systemd-cryptsetup@luks\x2d342d2414\x2d159c\x2d48d7\x2da0b7\x2d5b59fa6e27a5.service: Unit
> systemd-cryptsetup@luks\x2d342d2414\x2d159c\x2d48d7\x2da0b7\x2d5b59fa6e27a5.service failed to load: No such file or directory.
Note that I don't have an entry for this luks device in /etc/crypttab. I
always thought that this is not necessary since all needed options
are in cmdline.
>
> Probably this is because crypt-run-generator get executed from udev
> rules only if *both* of the following conditions are true:
> - there is no rd.luks.uuid parameter in both cmdline
> and /etc/cmdline.d/*.conf
> - rd.auto is enabled
>
Here is a possible fix that works fine on my system (hostonly +
hostonly-cmdline + empty /etc/crypttab + no rd.luks* in kernel
cmdline).
diff --git a/modules.d/90crypt/parse-crypt.sh b/modules.d/90crypt/parse-crypt.sh
index a6b5252..8bb1328 100755
--- a/modules.d/90crypt/parse-crypt.sh
+++ b/modules.d/90crypt/parse-crypt.sh
@@ -35,8 +35,8 @@ else
printf -- 'ENV{ID_FS_TYPE}=="crypto_LUKS", '
printf -- 'ENV{ID_FS_UUID}=="*%s*", ' $luksid
printf -- 'RUN+="%s --settled --unique --onetime ' $(command -v initqueue)
- printf -- '--name systemd-cryptsetup-%%k %s start ' $(command -v systemctl)
- printf -- 'systemd-cryptsetup@luks$$(dev_unit_name -$env{ID_FS_UUID}).service"\n'
+ printf -- '--name crypt-run-generator-%%k %s ' $(command -v crypt-run-generator)
+ printf -- '$env{DEVNAME} luks-$env{ID_FS_UUID}"\n'
} >> /etc/udev/rules.d/70-luks.rules.new
fi
fi
--
Alexander Tsoy
--
To unsubscribe from this list: send the line "unsubscribe initramfs" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
